submitted 18 hours ago* (last edited 18 hours ago) by AmmarSpaces@infosec.exchange to c/firefox@lemmy.world

Today, the team at v12 released a video showing a PoC of a Universal Account Takeover affecting the iOS version of Firefox Focus.

The PoC was released because it has been almost a year since the vuln was reported, but it is not patched yet.

The video below is a demonstration of the vulnerability. We can see that your X, Google, and Reddit accounts can be taken over with only one click of a link.

The vulnerability explanation and the partial PoC can be seen here:
https://github.com/v12-security/pocs/tree/main/firefox

@firefox

#cybersecurity #infosec #0day #firefox

[-] AmmarSpaces@infosec.exchange 4 points 17 hours ago

@snoozzze @firefox Yeah, it is pretty bad.

Funny that their use of Mythos didn't fix this vuln, or maybe they only care about their computer Web Browser.

😩

[-] slazer2au@lemmy.world 4 points 14 hours ago

Because the iOS version of Firefox uses WebKit, not Gecko. You can blame Apple for the walled garden full of holes for this.

[-] XLE@piefed.social 6 points 10 hours ago

The bug isn't in any other WebKit browser.

this post was submitted on 09 Jun 2026
28 points (100.0% liked)
